Authentication

All API requests require authentication via an API key.

API Key

Your API key is provided upon access approval. Include it in every request.

Environment Variable (Recommended)

export AIZEL_API_KEY=ak_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The SDK auto-detects this variable:

from aizel_commerce import AizelCommerce

client = AizelCommerce()  # Reads AIZEL_API_KEY automatically

Direct Initialization

client = AizelCommerce(api_key="ak_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")

REST API Header

curl -X POST https://api.aizelcommerce.com/v1/product/analyze \
  -H "Authorization: Bearer ak_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{"title": "...", "category": "electronics"}'

Key Types

Key Rotation

# Rotate your key programmatically
new_key = client.admin.rotate_key()
print(new_key.key)       # New key (save immediately)
print(new_key.expires)   # Old key expires in 24h

On-Chain Authentication (Optional)

For blockchain-integrated workflows, authenticate with a wallet signature:

client = AizelCommerce(
    payment_mode="on_chain",
    wallet_address="0x1234...abcd",
    chain="arbitrum",
    private_key_env="WALLET_PRIVATE_KEY"  # Read from env, never hardcode
)

# The SDK signs each request with your wallet
# API usage is settled on-chain via AgentPay protocol

Rate Limiting

Rate limits are applied per API key:

When rate-limited, the API returns 429 Too Many Requests with a Retry-After header.

# The SDK handles retries automatically
client = AizelCommerce(
    max_retries=3,
    retry_backoff=True  # Exponential backoff
)

Security Best Practices

• Never commit API keys to version control
• Use environment variables or secret managers
• Rotate keys quarterly or after team member departures
• Use test keys during development
• Enable IP allowlisting for production keys (contact support)